This is an archive of the discontinued LLVM Phabricator instance.

Differential D112869

[libc++] Implement P2186R2 (Remove Garbage Collection)
ClosedPublic

Authored by philnik on Oct 30 2021, 5:44 AM.

Details

Reviewers
Quuxplusone
ldionne
Group Reviewers
Restricted Project
Commits
rGb57c22ade867: [libc++] Implement P2186R2 (Remove Garbage Collection)

Diff Detail

Event Timeline

philnik requested review of this revision.Oct 30 2021, 5:44 AM
philnik created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptOct 30 2021, 5:44 AM
Herald added a reviewer: Restricted Project. · View Herald Transcript
Herald added a subscriber: libcxx-commits. · View Herald Transcript
Harbormaster completed remote builds in B131574: Diff 383582.Oct 30 2021, 6:45 AM
Quuxplusone requested changes to this revision.Oct 30 2021, 11:25 AM

This approach seems acceptable to me because I don't imagine that anyone really cares about the pointer safety facilities. However, it seems to deliberately take the bad middle path between two better extremes:

  • If we believe the rationale in the paper (and my own prejudices), I suggest that we should simplify libc++ by aggressively removing the facilities from all C++ versions, removing the ifdefs, removing the tests, removing the detail header, and release-noting it. (And removing the abilist entries and memory.cpp stuff? Or is that a bridge too far?)
  • If we truly believe that there exists C++20 code in the wild that is using these facilities, then unconditionally dropping them from C++2b seems user-hostile. We should use the usual libc++ approach of allowing users to opt back in to removed features via _LIBCPP_ENABLE_CXX23_REMOVED_FEATURES/_LIBCPP_ENABLE_CXX23_REMOVED_POINTER_SAFETY.
libcxx/include/__memory/pointer_safety.h
0

Pre-existing: This comment should just be

#endif // !defined(_LIBCPP_CXX03_LANG) && _LIBCPP_STD_VER <= 20
0

These four functions are defined in src/memory.cpp, and thus in the abilists. Should we do anything special with them in either of those places? (I suspect "do nothing special" is correct, but I'm not sure.)

0

Please update the synopsis in <memory> with // removed in C++23 comments, too (or delete those lines entirely, in the event that we decide on the aggressive-removal option).

This revision now requires changes to proceed.Oct 30 2021, 11:25 AM
philnik updated this revision to Diff 383758.Nov 1 2021, 3:04 AM
philnik marked 2 inline comments as done.

I'm going with option 1 right now. If anybody thinks there are users I can revert the changes later.

  • Removed pointer_safety
Herald added a subscriber: mgorny. · View Herald TranscriptNov 1 2021, 3:04 AM
Harbormaster completed remote builds in B131713: Diff 383758.Nov 1 2021, 3:08 AM
ldionne requested changes to this revision.Nov 1 2021, 7:17 AM
ldionne added a subscriber: ldionne.

At first sight, I'm OK with this removal. I, too, can't imagine anyone relying on that code. However, I think we should still keep those symbols around because we have a hard policy of never removing symbols exported from the dylib (except in special circumstances where the symbol is also defined in any TU that uses the said function, like a function template that would end up being exported from the dylib by mistake).

Long story short, I would create a legacy_pointer_safety.cpp file and shove declare_reachable & friends in it. I would add a comment explaining that we don't ship that feature anymore, but we're still providing the symbols for strict backwards ABI compatibility.

This way, if someone has compiled code that (for some probably bad) reason relied on those symbols, their program will keep working when libc++ is updated from under their feet (e.g. when you update your OS on any platform that uses libc++). If someone used to rely on those and tries to compile their code against a new libc++, they will have to get rid of those references because the library won't provide the declarations anymore - but I think it's reasonable to request some minimal action if folks are recompiling their code. Finally, this solution is very low maintenance for us.

This revision now requires changes to proceed.Nov 1 2021, 7:17 AM
Quuxplusone requested changes to this revision.Nov 1 2021, 8:17 AM

LGTM mod Louis's comments! To fix the CI redness, you'll need to git rm the autogenerated header test file that is no longer being generated.
I think the new release note should go like this:

API Changes
-----------

The declarations of functions `declare_reachable`, `undeclare_reachable`, `declare_no_pointers`,
`undeclare_no_pointers`, and `get_pointer_safety` have been removed not only from C++2b but
from all modes. Their symbols are still provided by the dynamic library for the benefit of
existing compiled code. All of these functions have always behaved as no-ops.

(Technically get_pointer_safety is not a "no-op"; and undeclare_reachable is a template, not a function; but I don't think those technicalities are worth complicating the message.)

philnik updated this revision to Diff 383897.Nov 1 2021, 2:50 PM
  • Added legacy_pointer_safety.cpp for ABI compatiblilty
Harbormaster completed remote builds in B131817: Diff 383897.Nov 1 2021, 3:12 PM
philnik added a comment.Nov 2 2021, 3:05 AM

How do I add the symbols back into the library?

ldionne added inline comments.Nov 2 2021, 8:24 AM
libcxx/src/legacy_pointer_safety.cpp
1 ↗(On Diff #383897)

Please don't add the name of the file. We're trying to move away from that.

12–13 ↗(On Diff #383897)
17–20 ↗(On Diff #383897)

I believe that should fix your ABI list issues.

philnik updated this revision to Diff 384162.Nov 2 2021, 10:44 AM
philnik marked 3 inline comments as done.

Applied comments

Harbormaster completed remote builds in B132011: Diff 384162.Nov 2 2021, 3:38 PM
Quuxplusone accepted this revision as: Quuxplusone.Nov 3 2021, 10:44 AM
Quuxplusone added inline comments.
libcxx/src/legacy_pointer_safety.cpp
12 ↗(On Diff #384162)

Remove bogus (if harmless) trailing dot in wg21.link./

philnik updated this revision to Diff 384543.Nov 3 2021, 11:40 AM
  • Removed .
philnik marked an inline comment as done.Nov 3 2021, 11:40 AM
Harbormaster completed remote builds in B132297: Diff 384543.Nov 3 2021, 1:13 PM
ldionne accepted this revision.Nov 8 2021, 2:29 PM

Thanks.

Just for posterity, this doesn't create a precedent for backporting removals to all standard modes when a paper lands. This case is special -- our support for garbage collection has always been a joke and I think the library is better for not presenting this basically unimplemented API to users. At least we don't pretend that we implement something reasonable.

This revision is now accepted and ready to land.Nov 8 2021, 2:29 PM
philnik added a comment.Nov 9 2021, 4:58 AM

I don't have commit permissions, so someone else has to commit it for me. "Nikolas Klauser" <nikolasklauser@berlin.de>

Closed by commit rGb57c22ade867: [libc++] Implement P2186R2 (Remove Garbage Collection) (authored by philnik, committed by Mordante). · Explain WhyNov 11 2021, 10:03 AM
This revision was automatically updated to reflect the committed changes.
Mordante added a commit: rGb57c22ade867: [libc++] Implement P2186R2 (Remove Garbage Collection).
Mordante added a subscriber: Mordante.Nov 11 2021, 10:05 AM

@philnik FYI There was a trivial merge conflict in the release notes.

Pawday added a subscriber: Pawday.Feb 25 2023, 3:36 AM

Why it doesn't rely on _LIBCPP_STD_VER?

Herald added a project: Restricted Project. · View Herald TranscriptFeb 25 2023, 3:36 AM
philnik added a comment.Feb 25 2023, 4:25 AM
In D112869#4152335, @Pawday wrote:

Why it doesn't rely on _LIBCPP_STD_VER?

As discussed in the paper, there is no known implementation of the strict pointer safety facilities, which means that every use of this is a no-op, and therefore probably wrong. Pretty much the only code you can find is inside tests or a standard library: https://sourcegraph.com/search?q=context:global+declare_reachable+file:%5C.cpp+-file:en%5C.cppreference%5C.com+-file:declare_reachable%5C.pass%5C.cpp+-file:memory%5C.cpp+-file:legacy_pointer_safety%5C.cpp&patternType=standard&sm=1&groupBy=repo

Pawday added a comment.Feb 25 2023, 4:37 AM
In D112869#4152384, @philnik wrote:
In D112869#4152335, @Pawday wrote:

Why it doesn't rely on _LIBCPP_STD_VER?

As discussed in the paper, there is no known implementation of the strict pointer safety facilities, which means that every use of this is a no-op, and therefore probably wrong. Pretty much the only code you can find is inside tests or a standard library: https://sourcegraph.com/search?q=context:global+declare_reachable+file:%5C.cpp+-file:en%5C.cppreference%5C.com+-file:declare_reachable%5C.pass%5C.cpp+-file:memory%5C.cpp+-file:legacy_pointer_safety%5C.cpp&patternType=standard&sm=1&groupBy=repo

Does this mean if i set my compiler to -std=c++14 for example, and will include "memory" i would not get the full c++ 14 support (with std::declare_reachable for example)?

philnik added a comment.Feb 25 2023, 4:41 AM
In D112869#4152409, @Pawday wrote:
In D112869#4152384, @philnik wrote:
In D112869#4152335, @Pawday wrote:

Why it doesn't rely on _LIBCPP_STD_VER?

As discussed in the paper, there is no known implementation of the strict pointer safety facilities, which means that every use of this is a no-op, and therefore probably wrong. Pretty much the only code you can find is inside tests or a standard library: https://sourcegraph.com/search?q=context:global+declare_reachable+file:%5C.cpp+-file:en%5C.cppreference%5C.com+-file:declare_reachable%5C.pass%5C.cpp+-file:memory%5C.cpp+-file:legacy_pointer_safety%5C.cpp&patternType=standard&sm=1&groupBy=repo

Does this mean if i set my compiler to -std=c++14 for example, and will include "memory" i would not get the full c++ 14 support (with std::declare_reachable for example)?

Technically yes, but I don't think anybody cares.

ldionne added a comment.Feb 27 2023, 10:15 AM
In D112869#4152409, @Pawday wrote:
In D112869#4152384, @philnik wrote:
In D112869#4152335, @Pawday wrote:

Why it doesn't rely on _LIBCPP_STD_VER?

As discussed in the paper, there is no known implementation of the strict pointer safety facilities, which means that every use of this is a no-op, and therefore probably wrong. Pretty much the only code you can find is inside tests or a standard library: https://sourcegraph.com/search?q=context:global+declare_reachable+file:%5C.cpp+-file:en%5C.cppreference%5C.com+-file:declare_reachable%5C.pass%5C.cpp+-file:memory%5C.cpp+-file:legacy_pointer_safety%5C.cpp&patternType=standard&sm=1&groupBy=repo

Does this mean if i set my compiler to -std=c++14 for example, and will include "memory" i would not get the full c++ 14 support (with std::declare_reachable for example)?

Yes, that is correct. However, I think that was widely seen as a mis-feature, hence why it was never implemented and then removed. Like @philnik said, libc++'s stance here is that we're better off making it a compilation error for people who try to use it than let it compile, but do nothing good. That technically makes us non-conforming in C++14 mode, however in practice it's better to be non-conforming than conforming (in that specific aspect).

Revision Contents

PathSize
libcxx/
include/
1 line
__memory/
9 lines
1 line
src/
21 lines
test/
std/
utilities/
memory/
util.dynamic.safety/

Diff 383758

libcxx/include/CMakeLists.txt

Show First 20 LinesShow All 214 Lines▼ Show 20 Linesset(files
__memory/addressof.h __memory/addressof.h
__memory/allocation_guard.h __memory/allocation_guard.h
__memory/allocator_arg_t.h __memory/allocator_arg_t.h
__memory/allocator_traits.h __memory/allocator_traits.h
__memory/allocator.h __memory/allocator.h
__memory/auto_ptr.h __memory/auto_ptr.h
__memory/compressed_pair.h __memory/compressed_pair.h
__memory/construct_at.h __memory/construct_at.h
__memory/pointer_safety.h
__memory/pointer_traits.h __memory/pointer_traits.h
__memory/raw_storage_iterator.h __memory/raw_storage_iterator.h
__memory/shared_ptr.h __memory/shared_ptr.h
__memory/temporary_buffer.h __memory/temporary_buffer.h
__memory/uninitialized_algorithms.h __memory/uninitialized_algorithms.h
__memory/unique_ptr.h __memory/unique_ptr.h
__memory/uses_allocator.h __memory/uses_allocator.h
__mutex_base __mutex_base
▲ Show 20 LinesShow All 264 LinesShow Last 20 Lines

libcxx/include/__memory/pointer_safety.h

  • This file was deleted.
// -*- C++ -*-
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
#ifndef _LIBCPP___MEMORY_POINTER_SAFETY_H
#define _LIBCPP___MEMORY_POINTER_SAFETY_H
#include <__config>
#include <cstddef>
#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER)
#pragma GCC system_header
#endif
_LIBCPP_BEGIN_NAMESPACE_STD
#if !defined(_LIBCPP_CXX03_LANG)
enum class pointer_safety : unsigned char {
relaxed,
preferred,
strict
};
inline _LIBCPP_INLINE_VISIBILITY
pointer_safety get_pointer_safety() _NOEXCEPT {
return pointer_safety::relaxed;
}
_LIBCPP_FUNC_VIS void declare_reachable(void* __p);
_LIBCPP_FUNC_VIS void declare_no_pointers(char* __p, size_t __n);
_LIBCPP_FUNC_VIS void undeclare_no_pointers(char* __p, size_t __n);
_LIBCPP_FUNC_VIS void* __undeclare_reachable(void* __p);
template <class _Tp>
inline _LIBCPP_INLINE_VISIBILITY
_Tp*
undeclare_reachable(_Tp* __p)
{
return static_cast<_Tp*>(__undeclare_reachable(__p));
}
#endif // !C++03
_LIBCPP_END_NAMESPACE_STD
#endif // _LIBCPP___MEMORY_POINTER_SAFETY_H

libcxx/include/memory

Show First 20 LinesShow All 649 Lines▼ Show 20 Lines
// Hash support // Hash support
template <class T> struct hash; template <class T> struct hash;
template <class T, class D> struct hash<unique_ptr<T, D> >; template <class T, class D> struct hash<unique_ptr<T, D> >;
template <class T> struct hash<shared_ptr<T> >; template <class T> struct hash<shared_ptr<T> >;
template <class T, class Alloc> template <class T, class Alloc>
inline constexpr bool uses_allocator_v = uses_allocator<T, Alloc>::value; inline constexpr bool uses_allocator_v = uses_allocator<T, Alloc>::value;
// Pointer safety
enum class pointer_safety { relaxed, preferred, strict }; // since C++11
void declare_reachable(void *p); // since C++11
template <class T> T *undeclare_reachable(T *p); // since C++11
void declare_no_pointers(char *p, size_t n); // since C++11
void undeclare_no_pointers(char *p, size_t n); // since C++11
pointer_safety get_pointer_safety() noexcept; // since C++11
void* align(size_t alignment, size_t size, void*& ptr, size_t& space); void* align(size_t alignment, size_t size, void*& ptr, size_t& space);
} // std } // std
*/ */
#include <__config> #include <__config>
#include <__functional_base> #include <__functional_base>
#include <__memory/addressof.h> #include <__memory/addressof.h>
#include <__memory/allocation_guard.h> #include <__memory/allocation_guard.h>
#include <__memory/allocator.h> #include <__memory/allocator.h>
#include <__memory/allocator_arg_t.h> #include <__memory/allocator_arg_t.h>
#include <__memory/allocator_traits.h> #include <__memory/allocator_traits.h>
#include <__memory/compressed_pair.h> #include <__memory/compressed_pair.h>
#include <__memory/construct_at.h> #include <__memory/construct_at.h>
#include <__memory/pointer_safety.h>
#include <__memory/pointer_traits.h> #include <__memory/pointer_traits.h>
#include <__memory/raw_storage_iterator.h> #include <__memory/raw_storage_iterator.h>
#include <__memory/shared_ptr.h> #include <__memory/shared_ptr.h>
#include <__memory/temporary_buffer.h> #include <__memory/temporary_buffer.h>
#include <__memory/uninitialized_algorithms.h> #include <__memory/uninitialized_algorithms.h>
#include <__memory/unique_ptr.h> #include <__memory/unique_ptr.h>
#include <__memory/uses_allocator.h> #include <__memory/uses_allocator.h>
#include <compare> #include <compare>
▲ Show 20 LinesShow All 276 LinesShow Last 20 Lines

libcxx/include/module.modulemap

Show First 20 LinesShow All 614 Lines▼ Show 20 Lines module __memory {
module addressof { private header "__memory/addressof.h" } module addressof { private header "__memory/addressof.h" }
module allocation_guard { private header "__memory/allocation_guard.h" } module allocation_guard { private header "__memory/allocation_guard.h" }
module allocator { private header "__memory/allocator.h" } module allocator { private header "__memory/allocator.h" }
module allocator_arg_t { private header "__memory/allocator_arg_t.h" } module allocator_arg_t { private header "__memory/allocator_arg_t.h" }
module allocator_traits { private header "__memory/allocator_traits.h" } module allocator_traits { private header "__memory/allocator_traits.h" }
module auto_ptr { private header "__memory/auto_ptr.h" } module auto_ptr { private header "__memory/auto_ptr.h" }
module compressed_pair { private header "__memory/compressed_pair.h" } module compressed_pair { private header "__memory/compressed_pair.h" }
module construct_at { private header "__memory/construct_at.h" } module construct_at { private header "__memory/construct_at.h" }
module pointer_safety { private header "__memory/pointer_safety.h" }
module pointer_traits { private header "__memory/pointer_traits.h" } module pointer_traits { private header "__memory/pointer_traits.h" }
module raw_storage_iterator { private header "__memory/raw_storage_iterator.h" } module raw_storage_iterator { private header "__memory/raw_storage_iterator.h" }
module shared_ptr { private header "__memory/shared_ptr.h" } module shared_ptr { private header "__memory/shared_ptr.h" }
module temporary_buffer { private header "__memory/temporary_buffer.h" } module temporary_buffer { private header "__memory/temporary_buffer.h" }
module uninitialized_algorithms { private header "__memory/uninitialized_algorithms.h" } module uninitialized_algorithms { private header "__memory/uninitialized_algorithms.h" }
module unique_ptr { private header "__memory/unique_ptr.h" } module unique_ptr { private header "__memory/unique_ptr.h" }
module uses_allocator { private header "__memory/uses_allocator.h" } module uses_allocator { private header "__memory/uses_allocator.h" }
} }
▲ Show 20 LinesShow All 347 LinesShow Last 20 Lines

libcxx/src/memory.cpp

Show First 20 LinesShow All 177 Lines▼ Show 20 Lines static __sp_mut muts[__sp_mut_count]
&mut_back[ 8], &mut_back[ 9], &mut_back[10], &mut_back[11], &mut_back[ 8], &mut_back[ 9], &mut_back[10], &mut_back[11],
&mut_back[12], &mut_back[13], &mut_back[14], &mut_back[15] &mut_back[12], &mut_back[13], &mut_back[14], &mut_back[15]
}; };
return muts[hash<const void*>()(p) & (__sp_mut_count-1)]; return muts[hash<const void*>()(p) & (__sp_mut_count-1)];
} }
#endif // !defined(_LIBCPP_HAS_NO_ATOMIC_HEADER) #endif // !defined(_LIBCPP_HAS_NO_ATOMIC_HEADER)
void
declare_reachable(void*)
{
}
void
declare_no_pointers(char*, size_t)
{
}
void
undeclare_no_pointers(char*, size_t)
{
}
void*
__undeclare_reachable(void* p)
{
return p;
}
void* void*
align(size_t alignment, size_t size, void*& ptr, size_t& space) align(size_t alignment, size_t size, void*& ptr, size_t& space)
{ {
void* r = nullptr; void* r = nullptr;
if (size <= space) if (size <= space)
{ {
char* p1 = static_cast<char*>(ptr); char* p1 = static_cast<char*>(ptr);
char* p2 = reinterpret_cast<char*>(reinterpret_cast<size_t>(p1 + (alignment - 1)) & -alignment); char* p2 = reinterpret_cast<char*>(reinterpret_cast<size_t>(p1 + (alignment - 1)) & -alignment);
Show All 12 Lines

libcxx/test/std/utilities/memory/util.dynamic.safety/declare_no_pointers.pass.cpp

  • This file was deleted.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// UNSUPPORTED: c++03
// <memory>
// void declare_no_pointers(char* p, size_t n);
// void undeclare_no_pointers(char* p, size_t n);
#include <memory>
#include "test_macros.h"
int main(int, char**)
{
char* p = new char[10];
std::declare_no_pointers(p, 10);
std::undeclare_no_pointers(p, 10);
delete [] p;
return 0;
}

libcxx/test/std/utilities/memory/util.dynamic.safety/declare_reachable.pass.cpp

  • This file was deleted.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// UNSUPPORTED: c++03
// <memory>
// void declare_reachable(void* p);
// template <class T> T* undeclare_reachable(T* p);
#include <memory>
#include <cassert>
#include "test_macros.h"
int main(int, char**)
{
int* p = new int;
std::declare_reachable(p);
assert(std::undeclare_reachable(p) == p);
delete p;
return 0;
}

libcxx/test/std/utilities/memory/util.dynamic.safety/get_pointer_safety.pass.cpp

  • This file was deleted.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// <memory>
// pointer_safety get_pointer_safety();
// UNSUPPORTED: c++03
#include <memory>
#include <cassert>
#include "test_macros.h"
int main(int, char**)
{
{
static_assert(std::is_enum<std::pointer_safety>::value, "");
static_assert(!std::is_convertible<std::pointer_safety, int>::value, "");
static_assert(std::is_same<
std::underlying_type<std::pointer_safety>::type,
unsigned char
>::value, "");
}
{
std::pointer_safety r = std::get_pointer_safety();
assert(r == std::pointer_safety::relaxed ||
r == std::pointer_safety::preferred ||
r == std::pointer_safety::strict);
}
// Regression test for https://llvm.org/PR26961
{
std::pointer_safety d;
d = std::get_pointer_safety();
assert(d == std::get_pointer_safety());
}
return 0;
}
libcxx/test/std/utilities/memory/util.dynamic.safety/declare_no_pointers.pass.cpp